The maximum number of WAN Miniport (IKEv2) ports changes from 128 to two after you install Windows Server 2008 R2 SP1

Article translations Article translations
Article ID: 2487292 - View products that this article applies to.
Expand all | Collapse all

On This Page

SYMPTOMS

Consider the following scenario:
  • You install the Network Policy and Access Services role on a server that is running an x64-based version of Windows Server 2008 R2.
  • You configure and then enable the Routing and Remote Access service on the server.

    Note If you examine the Port window of the Routing and Remote Access service, you notice that the maximum number of WAN Miniport (IKEv2) ports is set to 128.
  • You install Windows Server 2008 R2 Service Pack 1 (SP1) on the server.
In this scenario, the maximum number of IKEv2 ports is changed from 128 to two. Therefore, only two IKEv2 connections can be active at one time.

If more than two clients try to connect to the server at the same time, the Routing and Remote Access service rejects the IKEv2 connection requests. Additionally, the following message is logged in the Rastapi.log file:
Couldn’t find a listening port. Dropping call

CAUSE

By default, the maximum number of IKEv2 ports in the Port window of the Routing and Remote Access service in Windows Server 2008 R2 is set to two. The number is changed to 128 after you enable the Routing and Remote Access service. However, the IKEv2 component is reinstalled unexpectedly when you install Windows Server 2008 SP1. Therefore, the maximum number of IKEv2 ports is set back to two.

RESOLUTION

To prevent this issue, we recommend that you install this hotfix package before you install Windows Server 2008 R2 SP1.

If you have installed Windows Server 2008 R2 SP1 before this hotfix package, follow these steps to prevent the issue:
  1. Manually change the maximum number of number of ports to 128 or a customized value by using an administrator account.
  2. Install this hotfix package.

Update information

How to obtain this update

The following files are available for download from the Microsoft Download Center:
Collapse this tableExpand this table
Operating systemUpdate
All supported x64-based versions of Windows Server 2008 R2
Collapse this imageExpand this image
Download
Download the update package now.
All supported IA-64-based versions of Windows Server 2008 R2
Collapse this imageExpand this image
Download
Download the update package now.
For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

Prerequisites

To apply this update, you must have the Routing and Remote Access Services role installed on the server.

Registry information

To use the update in this package, you do not have to make any changes to the registry.

Restart requirement

You do not have to restart the computer after you apply this update.

Update replacement information

This update does not replace a previously released update.

File information

The global version of this hotfix installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.
Windows Server 2008 R2 file information notes
  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    Collapse this tableExpand this table
    VersionProductMilestoneService branch
    6.1.760 0.16xxxWindows Server 2008 R2RTMGDR
    6.1.760 0.20xxxWindows Server 2008 R2RTMLDR
  • GDR service branches contain only those fixes that are widely released to address widespread, extremely important issues. LDR service branches contain hotfixes in addition to widely released fixes.
  • The MANIFEST files (.manifest) and the MUM files (.mum) that are installed for each environment are listed separately in the "Additional file information for Windows Server 2008 R2" section. MUM and MANIFEST files, and the associated security catalog (.cat) files, are extremely important to maintain the state of the updated components. The security catalog files, for which the attributes are not listed, are signed with a Microsoft digital signature.
For all supported x64-based versions of Windows 7 and of Windows Server 2008 R2
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Netcfg.exe6.1.7600.1672632,76829-Dec-201010:31x64
Netcfg.exe6.1.7600.2086732,76829-Dec-201010:33x64
Netcfg.exe6.1.7601.1753032,76829-Dec-201010:50x64
Netcfg.exe6.1.7601.2162832,76829-Dec-201010:26x64

WORKAROUND

To work around this issue, use one of the following methods to change the maximum number of IKEv2 ports back to the default value 128 or the number of ports configured manually by the administrator:

Method 1

Change the maximum number of ports in the Port window of the Routing and Remote Access service. To do this, follow these steps:
  1. Click Start, point to All Programs, click Administrative Tools, and then click Server Manager.
  2. In the left pane, expand Roles, expand Network Policy and Access, and then expand Routing and Remote Access.
  3. Right-click Ports, and then click Properties.
  4. Select WAN Miniport (IKEv2) in the Ports Properties dialog box, and then click Configure.
  5. Change the Maximum port to 128 or the value you set before and then click OK.
  6. Apply the change and then restart the computer.

Method 2

At a command prompt, type the following command to change the maximum port number and then restart the server:
netsh ras set wanports device="WAN Miniport (IKEv2)" maxports=128

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

MORE INFORMATION

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates

Additional file information

Additional file information for Windows Server 2008 R2

Additional files for all supported x64-based versions of Windows Server 2008 R2
Collapse this tableExpand this table
File nameAmd64_1dddfebf4c7ffc5d40355cfcbb59d5fa_31bf3856ad364e35_6.1.7600.16726_none_a271c7191a38e7a2.manifest
File versionNot applicable
File size698
Date (UTC)30-Dec-2010
Time (UTC)00:15
PlatformNot applicable
File nameAmd64_1efb79b16034dfa96f689748cb7e4172_31bf3856ad364e35_6.1.7600.20867_none_2e305f6949e4f22f.manifest
File versionNot applicable
File size698
Date (UTC)30-Dec-2010
Time (UTC)00:15
PlatformNot applicable
File nameAmd64_25398a1ccb59a707082b81a96aa38b7e_31bf3856ad364e35_6.1.7601.17530_none_b7de13d01fadfa92.manifest
File versionNot applicable
File size698
Date (UTC)30-Dec-2010
Time (UTC)00:15
PlatformNot applicable
File nameAmd64_a40d4509cac2562f4c9033c988803e5a_31bf3856ad364e35_6.1.7601.21628_none_720e088417e1e4cc.manifest
File versionNot applicable
File size698
Date (UTC)30-Dec-2010
Time (UTC)00:15
PlatformNot applicable
File nameAmd64_microsoft-windows-netcfg_31bf3856ad364e35_6.1.7600.16726_none_6c65b4c96af8f409.manifest
File versionNot applicable
File size2,341
Date (UTC)29-Dec-2010
Time (UTC)12:07
PlatformNot applicable
File nameAmd64_microsoft-windows-netcfg_31bf3856ad364e35_6.1.7600.20867_none_6cc5122e84361cee.manifest
File versionNot applicable
File size2,341
Date (UTC)29-Dec-2010
Time (UTC)12:08
PlatformNot applicable
File nameAmd64_microsoft-windows-netcfg_31bf3856ad364e35_6.1.7601.17530_none_6e3b4027682ce3dc.manifest
File versionNot applicable
File size2,341
Date (UTC)29-Dec-2010
Time (UTC)11:56
PlatformNot applicable
File nameAmd64_microsoft-windows-netcfg_31bf3856ad364e35_6.1.7601.21628_none_6ed7af2e813b326d.manifest
File versionNot applicable
File size2,341
Date (UTC)29-Dec-2010
Time (UTC)12:02
PlatformNot applicable
File nameUpdate.mum
File versionNot applicable
File size3,215
Date (UTC)30-Dec-2010
Time (UTC)00:15
PlatformNot applicable

Properties

Article ID: 2487292 - Last Review: February 24, 2011 - Revision: 3.0
APPLIES TO
  • Windows Server 2008 R2 Enterprise
  • Windows Server 2008 R2 Standard
  • Windows Server 2008 R2 Datacenter
  • Windows Server 2008 R2 Foundation
Keywords: 
kbfix kbexpertiseinter kbsurveynew atdownload kbhotfixserver KB2487292

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com